The host is installed with CA ARCserve D2D r15 and is prone to information-disclosure vulnerability. A flaw is present in the application, which fails to properly handle sessions. Successful exploitation allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors.